(54) User authentication for roaming between mobile telecommunications networks



(57) A dual mode user terminal UT 1 can roam from an IS-41 PLMN 9 to a GSM type network, comprising a satellite network, so that the satellite network can be provided as a roamed extension of the PLMN. In order to provide end-to-end authentication, an IS-41 challenge is transmitted to the handset through the satellite network, packaged as a GSM USSD or SMS; the resulting response produced at user terminal UT 1 is packaged as a GSM USSD or SMS and transmitted through the satellite network to an interworking function unit 32. The AUTHR together with the challenge are transmitted to the authentication centre AC of the PLMN 9, so that end-to-end authentication can be carried out.
Description

This invention relates to authenticating a mobile user terminal that has roamed from one telecommunications network to another and has particular but not exclusive application to authentication when roaming from an IS-41 network such as a DAMPS network, to one which uses GSM authentication techniques, such as a satellite telecommunication network.

Terrestrial mobile telecommunications systems are well known and a number of different systems have developed which operate according to different standards. These public land mobile networks (PLMNs) may operate according to analog or digital standards. In Europe, the Far East, excluding Japan, and elsewhere, the digital Global System Mobile (GSM) network has become popular, whereas in USA, networks which operate according to the IS-41 recommendations such as the Advanced Mobile Phone System (AMPS) and the Digital American Mobile Phone System (DAMPS) are used. In Japan, the Personal Handiphone System (PHS) and the Personal Digital Communication (PDC) network are in use. More recently, proposals have been made for a Universal Mobile Telecommunications System (UMTS). These networks are all cellular and land-based but have differences in architecture and use different signalling protocols and transmission frequency bands.

Considering for example the GSM system, individual cells of the mobile network are served by a series of geographically spaced, terrestrial base transceiver stations (BTSs) which are coupled through base station controllers (BSCs) to a mobile switching centre (MSC) which may provide a gateway out of the network to a conventional public switched telephone network (PSTN). The network includes a home location register (HLR) which stores information about the subscribers to the system and their user terminals. When a user terminal is switched on, it registers with the HLR and an authentication procedure is carried out. Each mobile user terminal is provided with a smart card known as a subscriber identification module (SIM) which stores two unique items of identification in order to identify the subscriber. The first item comprises an international mobile subscriber identity (IMSI) and second item comprises a secret parameter referred to in the GSM specifications as Ki. Associated with the HLR is an authentication centre (AuC) which includes data corresponding to the IMSI and Ki for each subscriber to the network. When the user terminal is switched on, and at other times, the IMSI is transmitted from the user terminal to the HLR, which then refers to the AuC in order to authenticate the user. The IMSI is checked in the memory of the AuC, and a corresponding value of Ki is retrieved. Also, a random number RAND is generated in the AuC. The random number RAND and the value of Ki are applied as inputs to an algorithm referred to in the GSM Specifications as A3 to generate a signed result SRES. The AuC also includes an algorithm referred to in the GSM Specifications as A8 which generates a secret key Kc that is used for encryption/decryption of data transmitted over the air between the user terminal and the land-based network. In practice, the algorithms A3/A8 may be constituted by a single algorithm producing a 96 bit output of which 32 bits constitute SRES and the remaining 64 bits constitute Kc. A triplet of signals comprising RAND, SRES and Kc is fed from the AuC, through the HLR to the MSC, which acts as a checking station in the authentication procedure.

The individual value of RAND is then transmitted on to the user terminal through the network from the MSC. The SIM of the user terminal has the algorithm A3/A8 stored locally, so as to generate a corresponding value of SRES' and Kc at the user terminal, from the received value of the random number RAND and the stored value of Ki in the SIM.

The value of SRES' is transmitted back through the network to the MSC and compared with the originally generated value of SRES. If they are the same, the user terminal is authenticated but otherwise registration of the user terminal with the HLR is barred.

Thereafter, if the user terminal is authenticated the MSC initiates encryption/decryption of data transmitted over the network, using an enciphering/deciphering algorithm referred to in the GSM Specifications as A5, which uses as its inputs the secret key Kc and the frame number of data transmitted through the network. The SIM of the user terminal generates its own value of the secret key Kc using its locally stored copy of the algorithm A8. The local value of Kc at the user terminal can then be used to encrypt/decrypt data transmitted, using a locally held copy of the algorithm A5.

The authentication procedure used in GSM has the advantage that only random numbers are transmitted over the air interface between the user terminal and the BTS, which minimises the risk of fraudulent registration.

For further details of the authentication procedure and subsequent data encryption/decryption, reference is directed to "The GSM System for Mobile Communications" M. Mouly & M-B. Pautet, Cell & Sys. 1992 pp 477-492.

If the user terminal roams to a different GSM network, in a different geographical location, it registers with a visitor location register (VLR) of the visited network, which communicates with the HLR of the home network for billing and other purposes.

Considering now the networks which operate according to the IS-41 recommendations, a number of base stations BS are connected to a MSC/VLR, coupled to an HLR in a generally similar configuration to a GSM network. Associated with the HLR is an authentication centre AC. Each mobile hand set includes a numeric address module (NAM) which stores an individual mobile identity number (MIN) together with a secret key known as the A-key. The authentication centre AC maintains a list of the A-keys associated with the MINs for the user terminals which are registered with the network. Authentication for an IS-41 network makes use of a so-called CAVE algorithm. The CAVE algorithm makes use of so-called shared secret data SSD, which is generated from the A-key and MIN for each user terminal.

To perform authentication, initially, the authentication centre AC transmits to the user terminal a request that the SSD is updated. The SSD is then updated both at the user terminal and at the authentication centre AC. A feature of the SSD is that it is not possible to obtain details of the A-keys from the SSD.

Then, the MIN is transmitted from the user terminal to the MSC which, in turn, generates a challenge in the form of a random number RAND which is transmitted back to the user terminal. The CAVE algorithm is then run at the user terminal using the current value of SSD and RAND to produce an authorization response AUTHR, which is then transmitted back over the network to the MSC. The current value of MIN, RAND and AUTHR are transmitted through the network to the AC and the CAVE algorithm is run, using the local value of SSD and RAND received from the MSC. Thus, the value of AUTHR is produced at the AC, which can be compared with the value of AUTHR received from the user terminal. If they are the same, a successful authentication has been achieved, but if they are different, a response is sent to the MSC to cancel the registration of the user terminal from the VLR. Alternatively, the AC may entrust the SSD to the MSC, allowing the MSC to run the CAVE algorithm using SSD and RAND and comparing the result to provide AUTHR without referring back to the AC.

Although the authentication procedure is generally similar to the procedure used in GSM, it is different in detail, and the procedures are not compatible.

Mobile telecommunication systems have been proposed that use satellite communication links between mobile user terminals and conventional terrestrial networks such as PSTNs and PLMNs. One network known as the IRIDIUM™ satellite cellular system is described in EP-A-0365885 and US Patent No. 5 394 561 (Motorola), which makes use of a constellation of so-called low earth orbit (LEO) satellites, that have an orbital radius of 780 km. Mobile user terminals such as telephone handsets establish a link to an overhead orbiting satellite, from which a call can be directed to another satellite in the constellation and then typically to a ground station which is connected to conventional land-based networks.

Alternative schemes which make use of so-called medium earth orbit (MEO) satellite constellations have been proposed with an orbital radius in the range of 10-20,000 km and reference is directed to Walker J.G. "Satellite Patterns for Continuous Multiple Whole Earth Coverage" Royal Aircraft Establishment, pp 119-122 (1977). Reference is directed to the ICO satellite cellular system described for example in GB-A-2 295 296, and to the ODYSSEY™ satellite cellular system described in EP-A-0 510 789. With these systems, the satellite communication link does not permit communication between adjacent satellites and instead, a signal from a mobile user terminal such as a mobile handset is directed firstly to the satellite and then directed to a ground station or satellite access node (SAN), connected to conventional land-based telephone network. This has the advantage that many components of the system are compatible with known digital terrestrial cellular technology such as GSM. Also simpler satellite communication techniques can be used than with a LEO network.

In satellite communications networks, ground stations are located at different sites around the world in order to communicate with the orbiting satellites. In the ICO™ system and others, a visitor location register is associated with each of the satellite ground stations, which maintains a record of the individual user terminals that are making use of the particular ground station.

The visitor location registers communicate with a home location register for the satellite network. User terminals are authenticated for use with the satellite network in a similar way to a conventional land based network. For example, the ICO™ system uses an authentication procedure corresponding to GSM authentication used for conventional land based GSM networks.

In certain areas of the world, coverage provided by a conventional terrestrial PLMN and the satellite network will overlap in a common area. It has been proposed that the individual mobile terminals be operable with both the PLMN and the satellite network. The user terminals may include a switch to allow the user to select the network or alternatively, an automatic selection may be made e.g. on the basis of signal strength. It is envisaged that normally, the conventional terrestrial network will be preferred for reasons of cost and signal strength but that the user will roam to the satellite network when outside of the coverage area of the PLMN. Thus, the satellite network service can be offered to subscribers by the operator of the PLMN and billing for use of the satellite service can be carried out through the facilities already in place for the PLMN.

However, a secure authentication procedure is required when the subscriber roams from the PLMN to the satellite network, to ensure that when charges for use of the satellite service are passed to the operator of the PLMN, they are accurately attributed to individual subscribers, without significant risk of fraud. A problem arises in achieving authentication when the two networks use different authentication protocols, and the invention addresses this issue.

In a first aspect, the invention provides a method of authenticating a user terminal which has roamed from a first network that uses a first authentication protocol, to a second network that uses a second, different authentication protocol, comprising: transmitting an authentication challenge to the user terminal according to the protocol of the first network, through the second network, providing a response at the user terminal to the challenge in accordance with the first authentication protocol, transmitting the response through the second network, to a checking station, and comparing the response at the checking station with corresponding authentication data for the first network according to the first protocol so as to authenticate the user terminal according to the first protocol for use with the first network.

The authentication challenge may be transmitted to the user terminal through the second network, packaged as a message in a data format pertinent to the second network.

The first network may be configured in accordance with IS-41 recommendations, and the second network may be configured in accordance with GSM recommendations in which case, the challenge and the response may be packaged as a USSD or SMS for transmission through the GSM network.

The method according to the invention may include authenticating the roamed user terminal for use with said second network in accordance with the second protocol, and only authenticating the terminal in accordance with the first protocol if the authentication according to the second protocol is successful. The authentication for the second network may include transmitting an initial authentication challenge to the user terminal according to the protocol of the second network, through the second network, providing a response at the user terminal to the challenge according to a predetermined algorithm in accordance with the second authentication protocol, transmitting the response through the second network to a checking station for the second network, and comparing the response at the checking station for the second network with authentication data according to the second protocol to authenticate the user terminal for use with the second network.
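
As an added illustration (not part of the patent text), the Python sketch below models the two-stage procedure just described: GSM-type authentication for the satellite network first, then an IS-41 challenge and AUTHR carried through it as opaque payloads. HMAC-SHA-256 stands in for A3/A8 and CAVE, and the payload framing, class names, identities and key values are all constructed for the example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def a3a8(ki, rand):
    # Stand-in for GSM A3/A8 (assumption: HMAC, not the real algorithm).
    # 96-bit output: first 32 bits are SRES, remaining 64 bits are Kc.
    out = hmac.new(ki, b"A3A8" + rand, hashlib.sha256).digest()[:12]
    return out[:4], out[4:]


def cave(ssd, rand):
    # Stand-in for the IS-41 CAVE algorithm: AUTHR derived from SSD and RAND.
    return hmac.new(ssd, b"CAVE" + rand, hashlib.sha256).digest()[:4]


USSD_TAG = b"IS41"  # hypothetical marker, not the real USSD/SMS encoding


def pack_ussd(kind, body):
    # Wrap an IS-41 element (b"C" challenge, b"R" response) for the GSM-type network.
    return USSD_TAG + kind + len(body).to_bytes(1, "big") + body


def unpack_ussd(msg, kind):
    if len(msg) < 6 or msg[:4] != USSD_TAG or msg[4:5] != kind:
        raise ValueError("not the expected IS-41 payload")
    if len(msg) != 6 + msg[5]:
        raise ValueError("payload length mismatch")
    return msg[6:]


@dataclass
class UserTerminal:
    imsi: str    # GSM identity held on the SIM
    ki: bytes    # GSM secret held on the SIM
    min_: str    # IS-41 identity held in the NAM
    ssd: bytes   # IS-41 shared secret data held by the handset

    def gsm_response(self, rand):
        return a3a8(self.ki, rand)[0]          # SRES'

    def on_ussd(self, msg):
        rand = unpack_ussd(msg, b"C")
        return pack_ussd(b"R", cave(self.ssd, rand))


class SatelliteAuC:
    def __init__(self, ki_by_imsi):
        self.ki_by_imsi = ki_by_imsi

    def triplet(self, imsi):
        rand = os.urandom(16)
        sres, kc = a3a8(self.ki_by_imsi[imsi], rand)
        return rand, sres, kc


class Is41AC:
    def __init__(self, ssd_by_min):
        self.ssd_by_min = ssd_by_min

    def verify(self, min_, rand, authr):
        ssd = self.ssd_by_min.get(min_)
        return ssd is not None and hmac.compare_digest(cave(ssd, rand), authr)


def roam_authenticate(ut, auc, ac):
    # Stage 1: second-network (GSM-type) authentication; the MSSC checks SRES'.
    if ut.imsi not in auc.ki_by_imsi:
        return {"gsm": False, "is41": None}
    rand, sres, _kc = auc.triplet(ut.imsi)
    if not hmac.compare_digest(ut.gsm_response(rand), sres):
        return {"gsm": False, "is41": None}    # first protocol is never attempted
    # Stage 2: IS-41 challenge tunnelled through the second network. Assumption:
    # the interworking side picks RAND and forwards RAND plus AUTHR to the AC.
    challenge = os.urandom(4)
    reply = ut.on_ussd(pack_ussd(b"C", challenge))
    try:
        authr = unpack_ussd(reply, b"R")
    except ValueError:
        return {"gsm": True, "is41": False}
    return {"gsm": True, "is41": ac.verify(ut.min_, challenge, authr)}


# Constructed sample subscriber data.
KI = bytes.fromhex("00112233445566778899aabbccddeeff")
SSD = bytes.fromhex("0123456789abcdef")
AUC = SatelliteAuC({"001010000000001": KI})
AC = Is41AC({"5551230001": SSD})

if __name__ == "__main__":
    genuine = UserTerminal("001010000000001", KI, "5551230001", SSD)
    print(roam_authenticate(genuine, AUC, AC))
```

A terminal that holds a valid Ki but the wrong SSD passes stage 1 and fails stage 2, which is the case the end-to-end check exists to catch before charges are attributed to a home-network subscriber.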

The second network may comprise a satellite net- 
work. 

The invention also includes a user terminal for roaming from a first network that uses a first authentication protocol, to a second network that uses a second, different authentication protocol, comprising: a receiver to receive an authentication challenge according to the protocol of the first network, through the second network, means operative to provide a response to the challenge in accordance with the first authentication protocol, and a transmitter operative to transmit the response through the second network, for permitting the response to be compared at a remote checking station with corresponding authentication data for the first network according to the first protocol, for authenticating the user terminal according to the first protocol, for use with the first network.

The user terminal according to the invention may further include: a receiver to receive an authentication challenge according to the protocol of the second network, through the second network, means operative to provide a response to the challenge in accordance with the second authentication protocol, and a transmitter operative to transmit the response through the second network, for permitting the response to be compared at a remote checking station with corresponding authentication data for the second network according to the second protocol, for authenticating the user terminal according to the second protocol, for use with the second network.

The invention further includes a user terminal operative according to GSM recommendations and IS-41 recommendations, and responsive to an IS-41 challenge packaged as a USSD or SMS, to produce an IS-41 response, transmitted as a SMS or USSD.

In accordance with the invention an interworking function unit may be provided for providing interworking between a first and second telecommunications networks operative according to a first and second different sets of recommendations with respective first and second authentication protocols, for use in authenticating a user terminal which has roamed from the first network to the second network, the unit comprising: means for routing an authentication challenge according to the protocol of the first network, towards a user terminal, through the second network; means to receive from the user terminal, through the second network, a response to the challenge in accordance with the first authentication protocol; and means for routing the response in a format in accordance with the recommendations for the first network, towards a checking station at which it is compared with corresponding authentication data for the first network according to the first protocol so as to authenticate the user terminal for use with the first network.

In order that the invention may be more fully understood, an embodiment thereof will now be described by way of example with reference to the accompanying drawings, in which:

Figure 1 is a schematic diagram of a satellite telecommunications system together with a local, land-based mobile telecommunications system, in accordance with the invention;
Figure 2 is a more detailed block diagram of the satellite network in the vicinity of SAN 1 and the associated terrestrial cellular network, for illustrating interworking;
Figure 3 is a schematic block diagram illustrating intercommunication within the satellite network;
Figure 4 is a schematic diagram of a mobile user terminal;
Figure 5 is a schematic block diagram of the circuits of the terminal shown in Figure 4;
Figure 6 is a schematic block diagram of the SIM card shown in Figures 4 and 5;
Figure 7 is a schematic block diagram of the interworking unit 32 shown in Figure 2;
Figure 8 is a schematic flow chart for conventional IS-41 authentication for the PLMN 9;
Figure 9 is a flow chart of an alternative authentication procedure for the PLMN 9;
Figure 10 is a schematic flow chart of GSM-type authentication in the satellite network;
Figure 11 is a schematic general flow chart of the authentication procedure when the user terminal roams from the IS-41 network 9, to the satellite network;
Figure 12 is a schematic flow diagram of a SSD update performed in the authentication shown in Figure 11;
Figure 13 is a schematic flow diagram for end-to-end authentication, performed after the SSD update of Figure 12, in accordance with the invention;
Figure 14 is a flow chart of a modified end-to-end authentication; and
Figure 15 is a schematic diagram of a USSD including an IS-41 challenge.

Satellite Network

Referring to Figure 1, a schematic block diagram of a satellite mobile telecommunication network is shown corresponding generally to the ICO™ network. A mobile user terminal UT 1 in the form of a mobile telephone handset can communicate on a radio channel over a communication path 1, 2 via an earth orbiting satellite 3a with a land-based satellite access node SAN 1. As shown schematically in Figure 1, SAN 1 is provided with an antenna 4 which can track the orbiting satellite.

A number of the satellite access nodes SAN 1, 2, 3, etc are connected together to form a backbone network 5, which is connected through a number of gateways GW 1, 2, 3, etc to conventional land-based telephone networks. For example, considering the gateway GW1, it is connected to a land-based public switch telephone network (PSTN) 6, which permits connection to be made to a conventional telephone set 7. The gateway GW1 is additionally connected to a public switch data network (PSDN) 8 and a public local mobile network (PLMN) 9. Each of the gateways GW 1, 2, 3 may comprise commercially available mobile switching centres (MSCs) of the type used in GSM networks.

For a fuller understanding of GSM, reference is directed to the various GSM Recommendations issued by the European Telecommunications Institute (ETSI). Also reference is directed to "The GSM System for Mobile Communications" by M. Mouly and M-B. Pautet, supra, for a more easily understandable synopsis.

As shown in Figure 1, the handset UT 1 can also communicate with the conventional land-based mobile network PLMN 9, which is shown schematically to include a transceiver station 10 that establishes a duplex link 11 with the user terminal UT 1. In this example, the PLMN 9 is a IS-41 based network such as a D-AMPS network.

The satellite network is designed to provide worldwide coverage and the satellites 3a, 3b form part of a constellation of satellites, which may be arranged in several orbits. In one example, two orbits of five satellites are used, which can be shown to provide coverage of a major part of the surface of the earth, in which for a 10° satellite elevation angle, one satellite can be accessed by the mobile handset all of the time and two satellites can be accessed for at least 80% of the time, thereby providing system diversity. Further satellites may be included in the constellation in order to provide additional redundancy and diversity.

The satellites are typically arranged in a MEO constellation, for example with an orbital radius of 10,355 km, although the invention is not restricted to a particular orbital radius. In this embodiment, satellites 3a, 3b are shown in a common orbit and the satellites are tracked by the antenna arrangement of each SAN. Typically, each SAN includes five antennas for tracking individual satellites of the constellation. The SANs are spaced around the earth in order to provide continuous coverage. In the example shown, SAN 1 may be located in Europe whereas SAN 2 may be located in Africa, SAN 3 in America and other SANs may be located elsewhere. In Figure 1, the SAN 2 is shown communicating with user terminal UT 2 via satellite 3b. For further details of the satellite network, reference is directed to GB-A-2 295 296.

The satellites 3a, 3b are in non-geostationary orbits and comprise generally conventional satellites such as the Hughes HS 601 and may include features disclosed in GB-A-2 288 913. Each satellite 3a, 3b is arranged to generate an array of beams covering a footprint on the earth beneath the satellite, each beam including a number of different frequency channels and time slots as described in GB-A-2 293 725. The beams thus provide adjacent cellular areas which correspond to the cells of a conventional land-based mobile telephone network. The satellites are controlled by means of a satellite control centre (SSC) 12 and a tracking telemetry and control station (TT&C) 13, which are connected to a network management centre 14 through a digital network 15 that is coupled to the backbone network 5. The SSC 12 and the TT&C 13 control operation of the satellites 3a, 3b, e.g. for setting the transmission power levels and transponder input tuning, as directed by the NMC 14. Telemetry signals for the satellites 3a, 3b are received by the TT&C 13 and processed by the SSC 12 to ensure that the satellites are functioning correctly.

During a telephone call, the handset UT 1, 2 communicates with the satellite 3a, 3b via a full duplex channel comprising a down link channel and an up link channel. The channels include TDMA time slots on frequencies allocated on initiation of the call.

Referring to Figure 2, the configuration of SAN 1 and the local PLMN 9 is shown in more detail. SAN 1 consists of a land earth station LES 1 which is coupled to the five dish antennas 4 for tracking the satellites, the LES 1 including transmitter and receiver circuits with amplifiers, multiplexers, demultiplexers and codecs. A mobile satellite switching centre MSSC 1 is coupled to LES 1 and to a satellite visitor location register VLRSAT 1. MSSC 1 couples communication signals (voice and packet data) to the backbone network 5 and to the LES 1, so as to allow individual telephone calls to be established through the backbone network 5 and the duplex communication link 1, 2 via the satellite 3a, to the mobile terminal UT 1. The MSSC 1 responds to addresses on incoming communication signals from the antenna 4 to route the signals appropriately to their destination.

The VLRSAT 1 maintains a record of each of the subscribers, namely the IMSIs of each of the user terminals UT that are making use of the SAN 1 for signal communication.

The MSSC 1 is connected to the gateway GW1 so as to provide an output connection to PLMN 9, together with PSDN 8 and PSTN 6 shown in Figure 1. Thus, typically, the packet data will be fed to and from the PSDN 8 and voice signals will be communicated to and from the network PLMN 9 or PSTN 6. It will be understood that all the SANs are of similar construction with a respective VLRSAT to maintain a record of the subscribers registered.

Referring to Figure 3, the satellite network also includes a database 17 referred to herein as the satellite home location register (HLRSAT) that contains records relating to each mobile user terminal UT. The record includes the terminal's identity, namely, its IMSI, the geographical location of the UT, the home MSSC with which the UT is registered, so as to enable billing and other data to be collected at a single point, and the currently active SAN with which the UT is in communication via a satellite. The HLRSAT 17 may be located at the NMC 14 shown in Figure 1 or may be distributed among the SANs 1, 2, 3 etc. Associated with the HLRSAT 17 is an authentication centre AuC which stores the secret parameter Ki and the associated IMSI for each subscriber to the satellite network, in accordance with the GSM Recommendations in order to authenticate the subscriber for use with the satellite network.

IS-41 Network (PLMN 9)

Referring again to Figure 2, the IS-41 mobile network 9 comprises a DAMPS network and includes a number of base transceiver stations BS 1, 2, 3 etc which are geographically spaced apart in order to support a cellular network in a manner well known per se. Typically, the IS-41 network 9 has a coverage area that overlies a country or state, and thus overlaps with the global coverage of the satellite network. BS 1 is shown with an associated antenna 10, connected by a landline to a mobile switching centre MSC 1 which can route calls within the mobile network and also through a gateway GMSC 1 to a conventional PSTN over line 18, or to the satellite network, over line 19 through the gateway GW 1.

A home location register HLR for the land-based IS-41 network 9 is provided, coupled to the GMSC 1. The HLR, in a conventional manner, keeps a record of the identities of the user terminals registered for use with the network, known in the nomenclature of IS-41 as the module identity number (MIN). The PLMN 9 may also include a visitor location register VLR which maintains a record of subscribers temporarily registered with the network, that have roamed from other IS-41 networks. For example, if the PLMN 9 is sited in one geographic region of the USA e.g. California, subscribers from an IS-41 network in another geographic region e.g. New York State, may be locally registered on a temporary basis whilst in California. In a conventional manner, telephone usage information is relayed from the VLR in California through the PSTN 6 to the New York network for billing purposes.

An authentication centre AC is coupled to the HLR. The AC includes a database of secret keys, known as A keys, that are uniquely associated with the MINs of individual user terminals, together with a CAVE algorithm in accordance with the IS-41 recommendations. This stored data is used to authenticate a user terminal, such as the terminal UT 1, as will be explained in more detail hereinafter.

For further details of the IS-41 recommendations, reference is directed to the textbook: Mobile Telecommunications Networking with IS-41, by M.D. Gallagher & R.A. Snyder, McGraw Hill 1997 [ISBN 0-07-063314-2].

Mobile user terminal 

Referring to Figures 4 and 5, the mobile user terminal UT 1 is configured to operate with both the local terrestrial cellular network and the satellite network. Thus, in the example shown in Figure 2, the mobile handset UT 1 can operate either according to a land-based IS-41 protocol such as D-AMPS or according to the satellite network protocol, which generally corresponds to a GSM protocol. As shown in Figure 4, the user terminal UT 1 comprises a mobile handset which is capable of dual mode operation. It includes conventional IS-41 circuits for use with the land-based cellular network 9 together with similar, GSM type circuitry for use with the satellite network. The handset comprises a microphone 20, a speaker 21, a battery 22, a keypad 23, antennas 24a, 24b for use with the IS-41 and satellite networks respectively and a display 25 which can be used amongst other things, for displaying messages transmitted to the terminal over the digital packet data network, via the satellite link. The handheld unit UT 1 also includes a subscriber identification module (SIM) smart card 26, primarily for use with the satellite network.

The circuit configuration of the handset UT 1 is shown in block diagrammatic form in Figure 5. The SIM card 26 is received in an SIM card reader 27 coupled to a controller 28, typically a microprocessor. The microphone and speaker 20, 21 are coupled to codecs 29a, 29b for use with the IS-41 and satellite networks respectively, coupled to respective conventional radio interfaces 30a, 30b and respective antennas 24a, 24b so as to transmit and receive communication signals, in a manner well known per se for the IS-41 and the satellite networks.

For the satellite network, the SIM card 26 includes a memory M 1, shown in Figure 6, which stores an individual IMSI together with the secret identification function Ki which is unique to the SIM, and the algorithms A3/A8 and A5 in accordance with the GSM Recommendations, for authentication purposes, as will be described later.

For the IS-41 network, the user terminal includes a numeric
address module (NAM) 31 in accordance with the IS-41
recommendations, which stores the individual MIN and A key for
the handset. Also, a memory M 2 associated with the controller
28 stores the CAVE algorithm, used for authentication, to be
described hereinafter.

Network selection 

As described previously, the networks can be selected in a
number of different ways, either automatically depending on
factors such as signal strength or manually. In this example,
for ease of explanation, the networks are described as being
selected manually, by the use of a key on the keypad 23.

When the keypad 23 is operated to select the IS-41 network, the
controller 28 selects the codec 29a and the radio interface 30a
so that UT 1 operates at a frequency and according to a
protocol for the land based IS-41 network 9, over the duplex
link 11. When the satellite network is selected, the controller
28 selects the codec 29b and the radio interface 30b so that
UT 1 operates at a frequency and according to a protocol
suitable for the satellite network and communication takes
place over the duplex links 1, 2 via the satellite 3a.

Network interworking 

When the user terminal roams outside of the coverage area of
the PLMN 9 or when it is desired to use services available
through the satellite network which are not available through
the IS-41 network, calls from the land based mobile network 9
are directed to the user terminal UT 1 through the satellite
network. An interworking function unit (IWF) 32 shown in
Figure 2 is provided for this purpose, permitting full control
over the service provision between the satellite and cellular
land-based networks. The IWF 32 is coupled between the HLR of
the PLMN 9 and the VLRsSAT of the satellite network, as shown
in Figure 2. The IWF 32 is shown in more detail in Figure 7 and
comprises a VLRIWF connected to the HLR of PLMN 9, together
with a HLRIWF that is coupled to the individual VLRsSAT of the
satellite network. In Figure 7, the HLRIWF is shown coupled to
VLRSAT 1 on line 33 and a schematic connection to the other
VLRsSAT is shown as line 34.

The HLRIWF includes a database of IMSIs for subscribers to the
satellite service together with corresponding MINs for the user
terminals that can be used with the land-based IS-41 network 9,
for use in authentication, as will be described later.

Service Provision

The network configuration permits service providers to offer
services to a subscriber in a number of different ways. One way
is to provide a conventional PLMN service through the network 9
according to the IS-41 protocol. Another way is to provide a
solely satellite based service, provided through the backbone
network 5 and the SANs. An alternative way is to provide the
satellite based service as an extension of the PLMN 9 so that
the user of terminal UT 1 uses the Home PLMN 9 when in range,
other PLMNs when roaming in respect of land-based networks, or
alternatively the satellite network. Thus, the satellite
network can allow the user terminal to be operated worldwide,
outside of the range of terrestrial PLMNs, or the satellite
service can provide an alternative to the PLMN when within
range. These alternatives will now be discussed in more detail:

a) Conventional PLMN service 

When the mobile user terminal UT 1 is within the coverage area
of the PLMN 9 shown in Figure 1, it can be operated in a
conventional manner with the land-based network. The user
terminal UT 1 is set, using the keypad 23 (Figure 4) so as to
transmit and receive using the codec 29a and the radio
interface 30a appropriate for IS-41 communication over the
duplex link 11 shown in Figure 1. The user terminal UT 1 is
thus registered with VLR1 of the IS-41 network shown in
Figure 2. Prior to registration, a conventional IS-41
authentication procedure is carried out, as will be explained
later. Calls can then be routed from the telephone set 7 shown
in Figure 1, through the PSTN 6 to the PLMN 9 and hence to the
user terminal UT 1, over the duplex link 11. The incoming call
is routed to the HLR of the network 9 and the MIN corresponding
to the telephone number for the incoming call is determined
from a look-up table in the HLR. The HLR also includes a table
of the user terminals currently registered with the network 9,
and from this data, the call can then be routed to the relevant
BTS with which the destination user UT is currently registered.

b) Satellite Service Provision

For this mode of operation, a "stand-alone" satellite service
is provided through the backbone network 5. Referring to
Figure 3, the satellite service provision makes use of the
satellite home location register (HLRSAT), which contains
records including the IMSI relating to each mobile user.

Referring again to Figure 1, when a call from telephone set 7
is to be routed through PSTN 6 to the satellite service, the
satellite service network has a predetermined telephone number
prefix, together with a unique telephone number for the user.
The call is routed through PSTN 6 and gateway GW1 to SAN 1 in
this example. The SAN 1 then queries the satellite home
location register HLRSAT for the currently registered location
of the user, i.e. the VLRSAT with which the IMSI is currently
registered. This operates in the same way as a GSM HLR and the
IMSI corresponding to the telephone number for the incoming
call is determined from a look up table in the HLRSAT. The
HLRSAT also includes a table of the current location of the
user terminals currently registered with the network, this
information having been fed to the HLR from the VLRsSAT
associated with the individual SANs. From this comparison, the
call can then be routed to the relevant SAN with which the
destination user UT is currently registered. The call is then
routed from the SAN through an appropriate satellite link to
the user terminal UT 1. Billing information is accumulated in
the HLRSAT.

As specific examples of the satellite service, a call made from
telephone 7 can be routed to user terminal UT 1 having an
IMSI A via PSTN 6, GW 1, SAN 1 and satellite 3a, or a call can
be made from UT 2 with IMSI B to UT 1 via SAN 2, backbone
network 5 and SAN 1.

A full duplex link is established via the satellite 3a, with
the signal formats being generally in accordance with the GSM
recommendations. Thus, duplex voice communication channels are
provided together with the other signal formats supported by
GSM, including the short message service (SMS) and unstructured
supplementary service data (USSD). SMS is described in more
detail in "The GSM System for Mobile Communications" by
M. Mouly and M-B. Pautet, on page 56 and allows short text
messages to be transmitted to a mobile user terminal to be
displayed on its display, i.e. the display 25 shown in
Figure 4. For further details of USSD, reference is directed to
GSM Technical Specification GSM 02.90 November 1996, Version
5.0.0, published by ETSI, F-06291, Sophia Antipolis, Cedex,
France. Briefly, USSD permits unstructured digital data
messages to be transmitted between elements of a network
operating according to the GSM protocol.

This form of service provision is attractive for users 
in remote locations where no PLMN exists. 



c) Satellite service as an extension to existing IS-41 PLMN
service

In this mode of operation, the satellite service is used as a
roamed network, so as to provide an extension to the coverage
area provided by the IS-41 PLMN 9. As previously explained, in
some circumstances, it may be desirable to use the satellite
network in preference to the IS-41 network in order to make use
of enhanced services not available through the IS-41 network,
but which can be accessed through the satellite network. Also,
the satellite network can be used in areas where there is no
IS-41 service, thus permitting the dual mode handset UT 1 to be
used throughout the world, in addition to the coverage area of
the IS-41 network 9. For this mode of operation, the satellite
network is treated as a roamed network for the PLMN 9 so that
calls which are routed through satellite network are billed
using the existing facilities of the PLMN 9.

For this mode of operation, the user terminal UT 1 is set for
operation at the satellite frequency network, by operation of
keypad 23 to select codec 29b and radio interface 30b, for
communication via antenna 24b over the duplex link 1, 2 via
satellite 3a. The user terminal UT 1 thus registers with one of
the VLRsSAT of the satellite network. In this example, it is
assumed that it has registered with VLR 1SAT shown in Figure 2.
This registration information is transferred to the IWF 32,
where a record of the IMSI for UT 1 and its registration with
VLRSAT is stored. Also, as previously explained, the HLRIWF
contains a database of all IMSIs of user terminals which are
permitted to interwork with the IS-41 network, together with
their corresponding MINs. The registration information is
transferred to the VLRIWF shown in Figure 7 and communicated to
the HLR of the IS-41 network 9 shown in Figure 2.

When an incoming call from telephone set 7 shown in Figure 1 is
routed through PSTN 6, over line 18 (Figure 2) to the PLMN 9,
it is initially directed to the HLR of PLMN 9 from which
routing information is determined for routing the call over
line 19, through the PSTN 6, to the gateway GW 1, and thence
through SAN 1 and the duplex link 1, 2 via satellite 3a, to the
user terminal UT 1.

Authentication procedure 

Different authentication procedures need to be used for these
three different service provisions, in order to determine that
the user terminal may be permitted to be registered with the
networks, as will now be described in detail:

a) Authentication for conventional PLMN service

When service option (a) described above is selected, a
conventional IS-41 authentication procedure is carried out
prior to registering the user terminal 1 with VLR 1 of PLMN 9.
This conventional authentication procedure will now be
described with reference to Figure 8.

In response to an authentication request from user terminal
UT 1, the authentication centre AC of PLMN 9 generates at step
S8.1 a request for the user terminal UT 1 to generate shared
secret data (SSD) in accordance with the conventional IS-41
protocol, the request being transmitted through the network in
a conventional manner. As well known to those skilled in the
art, the user terminal UT 1 stores a secret or A-key which is
unique to the user terminal, together with its unique MIN. The
A-key and the corresponding MIN are stored in the network in
the secure authentication centre AC. A feature of the IS-41 SSD
generation technique is that the A-key cannot be determined
from the SSD by reverse engineering techniques.

At step S8.2, the SSD is generated from the A-key, both at the
user terminal UT 1 and at the AC.

Then, at step S8.3, the MIN for user terminal UT 1 is
transmitted through the network to MSC 1. Then, at step S8.4, a
challenge in the form of a random number RAND is generated in
MSC 1 and transmitted through the network to user terminal
UT 1.

Both the user terminal UT 1 and the authentication centre AC
hold a copy of the IS-41 CAVE algorithm. As known in the art, a
CAVE algorithm operates on the SSD and RAND as inputs to
produce an authentication response AUTHR. At step S8.5, the
CAVE algorithm is run using the locally generated SSD and the
value of RAND received from MSC 1, to produce AUTHR, which is
then transmitted from user terminal UT 1 to MSC 1, step S8.6.
Then, at step S8.7, the values of MIN, RAND and AUTHR are
transmitted from MSC 1 via the HLR, to the authentication
centre AC.

Then, at step S8.8, the CAVE algorithm is run locally at the AC
using the locally generated SSD together with the received
value of RAND to produce AUTHR. The AUTHR produced at the AC is
then compared with the AUTHR received from UT 1 at step S8.9
and a RESPONSE, depending on the outcome, is transmitted to the
HLR of PLMN 9. If both versions of AUTHR are the same, the
RESPONSE indicates to the HLR that successful authentication
has been achieved. However, if the AUTHRs are different, the
HLR is instructed to bar registration of UT 1 with VLR 1.

A modified authentication procedure is shown in Figure 9 in
which the comparison of the two values of AUTHR is carried out
at MSC 1. In this procedure, after transmission of the SSD
request at step S9.1, the SSD generated at the AC is
communicated to MSC 1. The authentication procedure then
proceeds through steps S9.4 to S9.7, which correspond to steps
S8.3 to S8.6 in Figure 8. The CAVE algorithm is then run, at
step S9.8, at the MSC 1, rather than at the AC as in Figure 8,
to produce a value of AUTHR, which is compared with the value
of AUTHR transmitted from handset UT 1 at step S9.7, in order
to produce the response at step S9.9.

The modified procedure of Figure 9 has the advantage that it is
not necessary to refer back to the AC for each authentication,
due to the fact that the SSD has been transmitted to MSC 1.

b) Authentication for satellite service provision

When the service provision b) discussed above is 
used, authentication for user terminal UT 1 is carried out 
according to an authentication process shown in Figure 
10. 

As previously mentioned, the user terminal UT 1 includes a SIM
smartcard which stores a unique IMSI, a unique identification
function Ki and a GSM encryption algorithm A5, according to the
GSM Recommendations (Figure 6). The registration and
authentication procedure involves transmitting the IMSI to the
GSM authentication centre AuC associated with the satellite
network (Figure 3) and comparing data from the SIM with data
from the authentication centre AuC at MSSC 1.

In a first step S10.1 shown in Figure 10, the IMSI is
transmitted from UT 1 via MSSC 1, to the HLRSAT, where it is
routed to the authentication centre AuC. As previously
mentioned, the authentication centre AuC includes a copy of the
identification function Ki associated with each respective IMSI
which is valid for use on the GSM network.

At step S10.2, the IMSI is checked in the memory of the AuC,
and a corresponding value of Ki is retrieved. Also, a random
number RAND is generated in the AuC using a random number
generator (not shown). The random number RAND and the value of
Ki are applied, in the AuC, as inputs to the GSM algorithm A3
to generate a signed result SRES. The AuC also includes the GSM
algorithm A8 which generates a secret key Kc that is used for
encryption/decryption of data transmitted over the air between
the user terminal and the SAN. In practice, the algorithms
A3/A8 may be constituted by a single algorithm producing a 96
bit output of which 32 bits constitute SRES and the remaining
64 bits constitute Kc.

At step S10.3, a triplet of signals comprising RAND, SRES and
Kc is fed from the authentication centre AuC, through the
HLRSAT to MSSC 1. In practice, n triplets are supplied to
MSSC 1 for use in subsequent authentications, for example
during a call, but the processing of only one triplet will be
considered herein in order to simplify the explanation.

At step S10.4, the individual value of RAND is transmitted on
to the user terminal through the network from the MSSC. The SIM
of the user terminal UT 1 stores the algorithm A3/A8 so that,
at step S10.5, a corresponding value of SRES' is generated at
the user terminal UT 1 from the received value of the random
number RAND and the stored value of Ki in the SIM.

The value of SRES' is transmitted back at step S10.6 through
the network to MSSC 1 and compared at step S10.7 with the
originally generated value of SRES. If they are the same, the
user terminal is authenticated but otherwise registration of
the user terminal UT 1 with VLRSAT 1 is barred.

If the authentication is successful, MSSC 1 initiates
encryption/decryption of data transmitted over the network,
using an algorithm referred to in the GSM Specifications as A5,
which uses as its inputs the secret key Kc and the frame number
of data transmitted through the network. The SIM of the user
terminal UT 1 generates its own value of the secret key Kc
using its locally stored copy of the algorithm A8. The local
value of Kc at the user terminal UT 1 can then be used to
encrypt/decrypt data, using a locally held copy of the
algorithm A5.

It will be understood that only essentially random 
numbers are transmitted over the air interface, which 
have no relation to one another, which minimises the 
risk of cloning or unauthenticated use. 

Assuming that the authentication procedure is suc- 
cessful, calls can be routed to UT 1 through the satellite 
network according to service provision option (b) dis- 
cussed above. 

c) Authentication for satellite service when used as a roamed
extension to the IS-41 PLMN 9

When the service provision option (c) discussed above is used,
i.e. when the satellite service is used as a roamed network for
the IS-41 network 9, the service provider for the IS-41 network
seeks secure, end-to-end authentication between the
authentication centre AC of the network 9 and the user terminal
UT 1 in order to provide assurance that the billing information
provided from the satellite network to the PLMN 9 is accurate.
However, the authentication procedures for the satellite
network and the IS-41 network 9 are different, and
incompatible. The present invention provides a solution to this
problem and allows end-to-end authentication to be carried out
between the user terminal and the authentication centre of the
IS-41 network.

In accordance with the invention, IS-41 authentication signals
that are transmitted between the user terminal UT 1 and the
IS-41 network 9, through the satellite network, are encoded as
GSM USSD and are communicated between the satellite network and
the IS-41 network 9, through the interworking function IWF 32.

The overall scheme is shown in schematic form in Figure 11. As
a first stage, the user terminal UT 1 is authenticated for use
with a satellite network in the manner described previously
with reference to Figure 10. This is shown as step S11.1.

Thereafter, at step S11.2, the AC of the IS-41 network 9
instructs the user terminal UT 1 to perform an SSD update and a
corresponding update is performed at the AC. This will be
described in detail hereinafter, with reference to Figure 12.

Then, at step S11.3, an end-to-end authentication is carried
out as will be described in detail hereinafter with reference
to Figure 13. A modification of the authentication process will
also be described with reference to Figure 14.

SSD update 

Referring to Figure 12, in order to initiate the authentication
process, the authentication centre AC, at step S12.1, sends a
SSD update request through the IS-41 network 9 to the VLRIWF of
the IWF 32, and thence to the HLRIWF (Figure 7). The update
request is in respect of a specific MIN corresponding to the
MIN of user terminal UT 1. The HLRIWF, from its database of
MINs and IMSIs, determines the corresponding IMSI for UT 1 and
packages the update request as a USSD, i.e. an unstructured
message suitable for transmission according to GSM protocol.
The packaging is carried out at step S12.2.

At step S12.3, the USSD is transmitted over the satellite
network to the user terminal UT 1 and at step S12.4 is decoded
by the controller 28 (Figure 6). The message is recognised as a
request to update the SSD which is then carried out and the
update is stored in the memory M 2 shown in Figure 5.

Also, at step S12.4, the SSD is updated at the AC in the IS-41
network 9.

End-to-end Authentication

Referring now to Figure 13, end-to-end authentication is then
carried out to ensure that the user terminal UT 1, when roaming
from the IS-41 network 9 to the satellite network, can be
validly registered with the VLRSAT of the satellite network.

It will be recalled that during the initial satellite
authentication procedure (step S11.1 in Figure 11 and
Figure 10) the IMSI of UT 1 was communicated from the user
terminal to the satellite network and the IMSI was registered
in VLR 1SAT. As part of this process, the IMSI is communicated
to HLRIWF of the IWF 32. It will also be recalled that the
HLRIWF contains a table of IMSIs and their corresponding MINs.
Referring to Figure 13, at step S13.1, the MIN corresponding to
the IMSI for UT 1 is transmitted from HLRIWF to the VLRIWF.

At step S13.2, the VLRIWF produces a challenge in the form of a
random number RAND according to conventional IS-41 protocol,
and both RAND and MIN are transmitted back to the HLRIWF. At
step S13.3, the HLRIWF determines the IMSI which corresponds to
the MIN and forms a USSD containing the challenge RAND, which
is then transmitted over the satellite network according to GSM
protocol, to the user terminal UT 1. The format of the USSD is
shown in more detail in Figure 15 and consists of a header
portion 35 and a message portion 36. The controller 28 of the
user terminal UT 1 (Figure 6) recognises the header portion 35
as being a challenge, and it takes the challenge as an
instruction to run the CAVE algorithm as shown at step S13.4.
The CAVE algorithm uses as its inputs the MIN stored in the
NAM 31 of UT 1 shown in Figure 5, together with the updated SSD
stored in memory M 2 of UT 1, produced as a result of the
update process described with reference to Figure 12, at step
S12.3.

AUTHR is produced as a result of running the CAVE algorithm,
and at step S13.5, the UT 1 packages a USSD, in GSM format, to
include AUTHR, which is then transmitted over the satellite
network to the HLRIWF.

At step S13.6, the USSD with AUTHR is unwrapped and the MIN,
held at the HLRIWF, together with AUTHR, is transmitted to the
VLRIWF where the initial value of the challenge RAND is
collected and the triplet of signals, MIN, RAND and AUTHR, are
transmitted in IS-41 format through the PLMN 9 to the
authentication centre AC.

Then, at step S13.8, the CAVE algorithm is run locally at the
AC. The CAVE algorithm uses as its inputs the updated SSD,
together with RAND as transmitted thereto at step S13.7. The
locally produced value of AUTHR is then compared with the value
transmitted to the AC at step S13.7, from UT 1. At step S13.9,
a signal RESPONSE is produced depending on the outcome of the
comparison of the two authorization responses AUTHR. If they
are the same, successful authentication has been achieved. In
this situation, user terminal UT 1 is permitted to register
with the satellite network in VLR 1SAT. Otherwise, the
registration of the UT 1 is removed from VLRSAT.
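The Figure 13 exchange can be followed end to end in the sketch below, which is an added example and not code from the patent. HMAC-SHA-256 stands in for the CAVE algorithm, and the one-byte header tags, the length byte, the 32-bit RAND size and all subscriber values are constructed assumptions, since the page does not give the encoding of Figure 15.

```python
import hashlib
import hmac
import secrets

# Hypothetical tags for the USSD header portion 35 (Figure 15); the page
# does not give the real encoding.
HDR_CHALLENGE = 0x01
HDR_RESPONSE = 0x02


def cave_stand_in(ssd, rand, min_):
    """Stand-in for CAVE (not the real algorithm): HMAC-SHA-256 keyed with SSD."""
    return hmac.new(ssd, rand + min_.encode(), hashlib.sha256).digest()[:4]


def pack_ussd(header, message):
    """Header portion 35 (tag, length) followed by message portion 36."""
    return bytes([header, len(message)]) + message


def unpack_ussd(ussd):
    if len(ussd) < 2 or len(ussd) != 2 + ussd[1]:
        raise ValueError("malformed USSD")
    return ussd[0], ussd[2:]


class UserTerminal:
    """Dual mode handset: MIN from the NAM, updated SSD from memory M 2."""

    def __init__(self, min_, ssd):
        self.min, self.ssd = min_, ssd

    def on_ussd(self, ussd):
        header, rand = unpack_ussd(ussd)
        if header != HDR_CHALLENGE:            # only a challenge runs CAVE (S13.4)
            return None
        authr = cave_stand_in(self.ssd, rand, self.min)
        return pack_ussd(HDR_RESPONSE, authr)  # S13.5


class AuthCentre:
    """IS-41 AC acting as the checking station (S13.8, S13.9)."""

    def __init__(self, ssd_by_min):
        self.ssd_by_min = ssd_by_min

    def check(self, min_, rand, authr):
        ssd = self.ssd_by_min.get(min_)
        if ssd is None:
            return False
        expected = cave_stand_in(ssd, rand, min_)
        return hmac.compare_digest(expected, authr)  # constant-time compare


class InterworkingFunction:
    """IWF 32: HLR_IWF maps IMSI to MIN, VLR_IWF issues and holds RAND."""

    def __init__(self, imsi_to_min, ac):
        self.imsi_to_min = imsi_to_min
        self.ac = ac
        self.pending = {}                      # MIN -> outstanding RAND

    def issue_challenge(self, imsi):
        min_ = self.imsi_to_min[imsi]          # S13.1 (KeyError: not provisioned)
        rand = secrets.token_bytes(4)          # S13.2, size is an assumption
        self.pending[min_] = rand
        return pack_ussd(HDR_CHALLENGE, rand)  # S13.3

    def handle_response(self, imsi, ussd):
        min_ = self.imsi_to_min.get(imsi)
        rand = self.pending.pop(min_, None)    # each RAND is accepted once
        if rand is None:
            return False
        try:
            header, authr = unpack_ussd(ussd)  # S13.6
        except (ValueError, TypeError):
            return False
        if header != HDR_RESPONSE:
            return False
        return self.ac.check(min_, rand, authr)  # S13.7 to S13.9


def run_demo():
    # Constructed subscriber data, not taken from the page.
    imsi, min_ = "901050000000001", "2125550100"
    ssd = bytes.fromhex("00112233445566778899aabbccddeeff")
    iwf = InterworkingFunction({imsi: min_}, AuthCentre({min_: ssd}))

    genuine = UserTerminal(min_, ssd)
    response = genuine.on_ussd(iwf.issue_challenge(imsi))
    ok = iwf.handle_response(imsi, response)

    replayed = iwf.handle_response(imsi, response)  # no challenge outstanding

    clone = UserTerminal(min_, bytes(16))           # right MIN, wrong SSD
    cloned = iwf.handle_response(imsi, clone.on_ussd(iwf.issue_challenge(imsi)))
    return {"genuine": ok, "replayed": replayed, "clone": cloned}


if __name__ == "__main__":
    print(run_demo())
```

Because the satellite network only relays the USSD, the IWF in this sketch never holds the SSD; it keeps the outstanding RAND per MIN and discards it after one response, so a captured AUTHR cannot be presented again.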

From the foregoing, it will be seen that the authentication
centre AC operates as a checking station to compare the
authentication responses produced by UT 1 and the AC. In a
modification shown in Figure 14, the VLRIWF can perform the
function of the checking station. In this procedure, the
initially produced SSD is transmitted at step S14.1 from the AC
to the VLRIWF which, in a similar manner to the modification
described with reference to Figure 9, avoids the need to
transmit signals back and forth between the AC for successive
authentications.

Many other modifications fall within the scope of the
invention. For example, whilst the invention is described in
relation to the ICO™ satellite network, other satellite
networks could be used, e.g. of the types discussed
hereinbefore, with different satellite constellation and signal
transmission protocols.

Also, the invention can be used to provide authentication for
an IS-41 user terminal which roams to a GSM land based network,
rather than roaming to a satellite network as previously
described.

Also, whilst the signal communication on the paths 1, 2
utilises a TDMA access protocol, others could be used, such as
code division multiple access (CDMA) or frequency division
multiple access (FDMA).

Although for the sake of convenient explanation, the term
"mobile" has been used to denote the user terminals UT, it
should be understood that this term is not restricted to
hand-held or hand portable terminals, but includes, for
example, terminals to be mounted on marine vessels or aircraft,
or in terrestrial vehicles. Also, it is possible to practice
the invention with some of the terminals being completely or at
least partially immobile.

It will be understood that various components of the described
examples of the invention may be located in different national
jurisdictions. For the avoidance of doubt, the present
invention extends to any part or component of the
telecommunications apparatus or systems, which contributes to
the inventive concept.

Claims 

1. A method of authenticating a user terminal which has roamed
from a first network that uses a first authentication protocol,
to a second network that uses a second, different
authentication protocol, comprising:

transmitting an authentication challenge to the user terminal
according to the protocol of the first network, through the
second network,

providing a response at the user terminal to the challenge in
accordance with the first authentication protocol,

transmitting the response through the second network, to a
checking station, and

comparing the response at the checking station with
corresponding authentication data for the first network
according to the first protocol so as to authenticate the user
terminal according to the first protocol for use with the first
network.

2. A method according to claim 1 wherein the authentication
challenge is transmitted to the user terminal through the
second network, packaged as a message in a data format
pertinent to the second network.

3. A method according to claim 3 wherein the first network is
configured in accordance with IS-41 recommendations, and the
second network is configured in accordance with GSM
recommendations.

4. A method according to claim 4 including packaging the
challenge and the response as a USSD or SMS.

5. A method according to any preceding claim including
authenticating the roamed user terminal for use with said
second network in accordance with the second protocol, and only
authenticating the terminal in accordance with the first
protocol if the authentication according to the second protocol
is successful.

6. A method according to claim 5 including:

transmitting an initial authentication challenge to the user
terminal according to the protocol of the second network,
through the second network,

providing a response at the user terminal to the challenge
according to a predetermined algorithm in accordance with the
second authentication protocol,

transmitting the response through the second network to a
checking station for the second network, and

comparing the response at the checking station for the second
network with authentication data according to the second
protocol to authenticate the user terminal for use with the
second network.

7. A method according to any preceding claim wherein the second
network is a satellite network.

8. A method of authenticating a user terminal which has roamed
from a first network that uses a first authentication protocol,
to a second network that uses a second, different
authentication protocol, comprising:

receiving an authentication challenge at the user terminal
according to the protocol of the first network, transmitted
thereto through the second network,

providing a response at the user terminal to the challenge in
accordance with the first authentication protocol,

transmitting the response at the user terminal using the second
network, towards a checking station whereby to permit the
response to be compared with corresponding authentication data
for the first network according to the first protocol so as to
authenticate the user terminal according to the first protocol
for use with the first network.

9. A method according to claim 8 including:

receiving an authentication challenge at the user terminal
according to the protocol of the second network, transmitted
thereto through the second network,

providing a response at the user terminal to the challenge in
accordance with the second authentication protocol,

transmitting the response at the user terminal using the second
network, towards a checking station whereby to permit the
response to be compared with corresponding authentication data
for the second network according to the second protocol so as
to authenticate the user terminal according to the second
protocol for use with the second network.

10. A user terminal for roaming from a first network that uses
a first authentication protocol, to a second network that uses
a second, different authentication protocol, comprising:

a receiver to receive an authentication challenge according to
the protocol of the first network, through the second network,

means operative to provide a response to the challenge in
accordance with the first authentication protocol,

and a transmitter operative to transmit the response through
the second network, for permitting the response to be compared
at a remote checking station with corresponding authentication
data for the first network according to the first protocol, for
authenticating the user terminal according to the first
protocol, for use with the first network.

11. A user terminal according to claim 10 including:

a receiver to receive an authentication challenge according to
the protocol of the second network, through the second network,

means operative to provide a response to the challenge in
accordance with the second authentication protocol,

and a transmitter operative to transmit the response through
the second network, for permitting the response to be compared
at a remote checking station with corresponding authentication
data for the second network according to the second protocol,
for authenticating the user terminal according to the second
protocol, for use with the second network.

12. A user terminal operative according to GSM recommendations
and IS-41 recommendations, and responsive to an IS-41 challenge
packaged as a USSD or SMS, to produce an IS-41 response,
transmitted as a SMS or USSD.

13. An interworking function unit for providing interworking
between a first and second telecommunications networks
operative according to a first and second different sets of
recommendations with respective first and second authentication
protocols, for use in authenticating a user terminal which has
roamed from the first network to the second network,
comprising:

means for routing an authentication challenge according to the
protocol of the first network, towards a user terminal, through
the second network,

means to receive from the user terminal, through the second
network, a response to the challenge in accordance with the
first authentication protocol, and

means for routing the response in a format in accordance with
the recommendations for the first network, towards a checking
station at which it is compared with corresponding
authentication data for the first network according to the
first protocol so as to authenticate the user terminal for use
with the first network.

14. An interworking unit according to claim 13 and including the checking station.

15. An interworking unit according to claim 13 and coupled to the first network, said checking station being in the first network.

16. An interworking unit according to claim 13, 14, or 15 operative to direct the authentication challenge towards the user terminal through the second network, packaged as a message in a data format pertinent to the second network.

17. An interworking unit according to claim 16 wherein the first network is configured in accordance with IS-41 recommendations, and the second network is configured in accordance with GSM recommendations.

18. An interworking unit according to claim 17 including means for packaging the challenge and the response as a USSD or SMS.

19. A system for authenticating a user terminal which has roamed from a first network that uses a first authentication protocol, to a second network that uses a second, different authentication protocol, comprising:

means operative to transmit an authentication challenge to the user terminal according to the protocol of the first network, transmitted thereto through the second network,

means for providing a response at the user terminal to the challenge in accordance with the first authentication protocol,

means for transmitting the response through the second network, to a checking station, and

means for comparing the response at the checking station with corresponding authentication data for the first network according to the first protocol so as to authenticate the user terminal according to the first protocol for use with the first network.
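
The exchange recited in claims 13 and 19, sketched as an added example that is not part of the patent text: the interworking unit packages a first-protocol challenge in a second-network message, the terminal answers in the same bearer, and the checking station compares the response. Assumptions: HMAC-SHA256 stands in for the first network's response algorithm, the dictionary message format is constructed, the interworking unit generates the challenge, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def first_protocol_response(secret: bytes, challenge: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the first network's response
    # algorithm; the real IS-41 computation is not reproduced here.
    return hmac.new(secret, challenge, hashlib.sha256).digest()

def package(bearer: str, payload: bytes) -> dict:
    # Constructed stand-in for a second-network USSD/SMS carrying opaque data.
    return {"bearer": bearer, "data": payload.hex()}

class UserTerminal:
    def __init__(self, secret: bytes):
        self._secret = secret

    def answer(self, msg: dict) -> dict:
        # Unpack the tunnelled challenge and reply over the same bearer.
        challenge = bytes.fromhex(msg["data"])
        return package(msg["bearer"], first_protocol_response(self._secret, challenge))

class CheckingStation:
    def __init__(self, subscribers: dict):
        self._subscribers = subscribers  # subscriber id -> shared secret

    def verify(self, sub_id: str, challenge: bytes, response: bytes) -> bool:
        secret = self._subscribers.get(sub_id)
        if secret is None:
            return False
        expected = first_protocol_response(secret, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare

class InterworkingUnit:
    def __init__(self, station: CheckingStation):
        self._station = station
        self._pending = {}  # subscriber id -> outstanding challenge

    def send_challenge(self, sub_id: str, bearer: str = "USSD") -> dict:
        challenge = secrets.token_bytes(4)  # fresh and unpredictable per attempt
        self._pending[sub_id] = challenge
        return package(bearer, challenge)

    def receive_response(self, sub_id: str, msg: dict) -> bool:
        # Pop the challenge so a captured response cannot be replayed later.
        challenge = self._pending.pop(sub_id, None)
        if challenge is None:
            return False
        return self._station.verify(sub_id, challenge, bytes.fromhex(msg["data"]))
```

The second network only carries the payload; the decision depends on the challenge being fresh and single-use, which is why the interworking unit discards it on first receipt.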